* Added constant time strings comparison to avoid possible time-based attacks
* Fixed data types
* Fixed indentation
* Moved string comnparison in constant time to String class; modified function body to assure constant time comparison despite compiler optimizations
* Removed wrong code
* Fixed error and prevented compiler optimization to delete u1 local variable
* Avoid timing attacks on string comparison
* Minor
* changed counter names, removed else
* EEPROM Library:
Improved put function, compare data and only in case are different set _dirty flag, copy the data
* It will grant that the _dirty flag is reset only at EEPROM.commit() and no changes are lost
Mainly useful for testing WiFiClientSecure in local environments.
If allowSelfSignedCerts is called before verifyCertChain, then the
certificate chain will be verified, but the final certificate may be
self-signed.
* ifndef'd LWIP_OPEN_SRC to prevent a redefined warning
* ABORT on NOTIFY to prevent responding to NOTIFY messages (we should only respond to M-SEARCH messages)
* case-insensitive compare of _deviceType to enable response to all-lowercase Alexa queries (robustness principle)
* Add Digest Auth
* Check for Opaque and Nonce
* Remove Serial Debug and fix Indentation
* Added example sketch with documentation,Fixed indentation and Defaults
* Digest Authentication minor changes + new padded 32 digit random function
* update license to public domain
* renaming functions
The extension -> MIME type routine uses lots of constant strings which end
up in the RODATA segment of RAM. Refactor the comparison to use a table of
strings stored in PMMEM instead, freeing ~370 bytes for the heap.
The ax_port_malloc, ax_port_calloc, ax_port_realloc, and ax_port_free
functions in WiFiClientSecure are not actually used by the AXTLS library.
It's directly using the library routines, and these function are never
used. Remove these dead bits of code to make the axtls operation clearer.
Replace volatile with properly placed __sync_synchronize
SPI1W0 is volatile, but when writing multiple words
to the FIFO (which is really just a piece of SRAM),
we don't need to worry about write ordering. We only
need worry about write ordering such that all FIFO
words are written completely before HSPI is told to
use FIFO by setting SPI1CMD |= SPIBUSY;
When WiFiClientSecure::connect was called, it would first tear down and
existing and set up new TCP session, then tear down existing TLS session
(using ssl_free), and then set up a new one. This caused TLS close-
notify alert to be sent to the new TCP session, preventing new session
from being established. This change postpones setting IO ctx to the new
TCP connection, fixing this issue.
Ref https://github.com/esp8266/Arduino/issues/3330
WiFiClient write timeouts introduced in #3257 applied to the whole write
operation, which could take long time if data size was large. This
change makes the timeout happen per chunk. Timeout now happens if no
data has been delivered within a given interval.
Some websites have certificates with uppercase letters in CN. This change
makes _verifyDN function accept such certificates by converting all names
to lower case before comparing them.
Resolves#2978
